ACC

231 AUDITING 1

Chapter 1 The Assurance Services Market

Auditing: the accumulation and evaluation of evidence about information to
determine and report on the degree of correspondence between the information
and established criteria, Auditing should be done by a competent, and
independent person



Unbiased žto provide confidence Qualified, educated,

experience

No relationships, No relatives,

No shares in the company


To do an audit there must be information in verifiable form, some standards
(criteria) by which the auditor can evaluate the information.

Information

Objective Subjective
   
Quantifiable Descriptive
(Number, countable) (non quantifiable)
   
e.g. sales = $10,000 e.g. general speaking (sales is large)

Information ž Corresponding criteria
Financial Statement žGAAP

Tax returns žInternal revenue code

Internal Control žInternal control integrated
framework

Effectiveness of computer system žAgreed about between auditor and
client company

Evidence: Any information used by the auditor to determine whether the
information being audited is stated in accordance with the established criteria.

Examples of Evidence:
1. Conformation from outside parties
2. Checking documents (documentation)
From inside or outside the company
3. Client inquiry (the least used evidence)
4. Observation by auditor
Go inside the company and find out the employees work.

Preparing the Audit report: the final stage in the auditing process, which is the
communication of the auditor’s finding to users.

Hebaalalawi
ACC 231 AUDITING 2

Type of risks

Business risk Interest risk Information risk
     
Due to company’s industry Due to market condition Due to inaccurate information
     
Unavoidable Unavoidable Avoidable by auditors


Information Risk: reflects the possibility that the information upon which the
business risk decision was made was inaccurate.


Causes of information risk
1. Remoteness of information
Auditor can not obtain all information as first hand and second hand information
carries information risk
2. Biases and motives of the provider
When the provider of the information and the user of this information have
inconsistent goals, there is a possibility of information risk.
3. Voluminous data
As organization becomes large, the volume of data increases, which increases the
possibility of error or information risk.
4. Complex exchange transaction
Transactions are becoming complex to record, which increases the possibility of
error or information risk.


Reducing Information risk
1. User verifies information
The user goes to the company’s premises and checks Impractical
the information by himself Due to time and cost

2. User shares information risk with management

Management is responsible for providing reliable,
accurate information, and user can have a lawsuit Impractical
Due to difficulty of tracing losses
against management if misleading decision is taken.
3. Audited financial statement are provided
The most common way to avoid information risk is Practical
Due to having complete accurate
though audited financial statement. and unbiased information






Hebaalalawi
ACC 231 AUDITING 3




















Assurance services: are professional services that provide assurance, and
improve the quality of information for decision makers, and it can be performed
by CPAs or by a variety of other professionals.

Non-assurance Services: to generate on advice or recommendation to
management.
Examples:
1. Accounting and bookkeeping
2. Tax services
3. Other management consulting.

Attestation Service: is a type of assurance service in which the CPA firm issues a
report about the reliability of an assertion that is the responsibility of another
party

How to consider service under attestation category?
Three conditions must be met:
1. Done by CPA or other profession
2. Written report about declaration made by management
3. Assertion
Used to responsibility of other parties.


Certain management consultant: one area of overlap between assurance and
non-assurance services.

ž If the service aims at improving quality of information, it is an assurance
service, e.g “ checking accuracy of computer systems”

ž If the service aims at providing advice or recommendation to management its
non assurance service, e.g “ suggesting installing new computer systems”

Hebaalalawi
ACC 231 AUDITING 4


Attestation services
1. Audit of historical financial statements
Management asserts that historical financial statement are The most common
provided in accordance with GAAP or IFRS and auditor report type of attestation
services
on whether accounting statement are applied or not.
2. Effectiveness of Internal control over financial reporting
Management asserts that internal control procedures are in Only public
companies are
accordance with well established internal control frameworks required to do
and auditor issues a written report on the effectiveness of audit of internal
internal controls control

3. Review of historical financial statements

Management asserts that historical financial statement are
prepared in accordance with applicable accounting standards,
and auditors reports in the reliability of the financial statement Review provides
limited assurance

A review provides lower level assurance rather than a higher level of assurance as
audit using less evidence and incurring less cost.

4. Attestation service on information technology (web trust – SYS trust)

Management asserts about the reliability and security of electronic information,
and CPA issues a written report on the reliability of online information.

Examples:
Web trust ž (attestation service) seas is a symbolic representation of the CPA’s
report on management’s assertions about its disclosoures of electronic
commerce practices. I.E. assuring the security of information on website.

SYS trust ž is an attest-type engagement to evaluate and test system reliability
in areas such as security and data integrity. I.E. assuring the reliability of
electronic information system
5. Other attestation services
Example 1: Auditor reports on management assertion of complying with loan
provision.
Example 2: Auditor reports on management assertion on the reliability of
forecasted financial statement.

Hebaalalawi
ACC 231 AUDITING 5


Other assurance services: do not meet the formal definition of attestation
services, and CPA is not required to issue a written report, and the assurance
does not has to be about the reliability of another party’s assertion about
compliance with specified criteria.
I.E. It doesn’t meet the three conditions of attestation services ‘ usually it lost one
or two of them’

AICPA Assurance service: The American Institute of Certified Public
Accountants (AICPA) formed the special committee on Assurance Services
(SCAS).

Examples of other assurance services:
1. Controls over and risks related to investments.
2. Assessing the processes in a company’s investment practices to identify
risk.
3. Assess risks of accumulation, distribution, and storage of digital
information.
4. Assessing security risks and related controls over data and other
information stored electronically.
5. Fraud and illegal acts risk assessment.
6. Compliance with trading policies and procedures.
7. Compliance with entertainment royalty agreements.
8. ISO 9000 certification.
9. Environment audit (ISO 14000)

Accounting Auditing
Accounting is the recording, Auditing is determining whether
classifying, and summarizing of recorded information
Definition economic events for the purpose of Properly reflects the economic
providing financial information used events that occurred during the
in decision-making. accounting period.
Beginning of Work of accounting begins when Work of auditing begins when work
Work financial transactions take place of accounting ends.
Accounting prepares profit and loss Auditor checks the books of
account and balance sheet and accounts considering their fairness
Scope
other statements as per the as well as complying with the
instruction of management provision of company act or not.
Accounting keeps the record of Auditor checks and verifies the
Nature of Work
financial transactions books of accounts.
An accountant is a staff of an Auditor is an independent person
Staff organization and draws the salary who is appointed for specific period
from the business and gets a sum of remuneration.
An accountant remains responsible An auditor is responsible to the
Responsibility
to the management owners or shareholders.
Auditor must NOT have spouse
Relationship Accountant can be a spouse relations or any such which may
create bias.
GAAP GAAS
Method used (Generally accepted accounting (Generally accepted auditing
principles) standards)



Hebaalalawi
 ACC 231 AUDITING 6

Type of Audit
1. Operational Audit
Definition - Operational audit results are directed to
management which experts to have an advice or
recommendation.
- In operational Audit, the auditor doesn’t audit
Evaluates the efficiency and
accounting information only, but also information
effectiveness of any part of
about organizational structure, computer systems,
an organization’s operating
production methods, marketing operations …etc.
procedures and methods.
- In operational audit, information audited is more
subjective rather than objective.
“ More management consulting rather than auditing”
Example Information Established Criteria Available Evidence
Number of
records
Company standards Error reports,
Evaluate computerized processed,
for efficiency and payroll records, and
payroll system for efficiency cost of the
effectiveness in payroll processing
and effectiveness department,
payroll department costs
and number
of errors
2. Compliance Audit
Definition
- Compliance audit results are directed to
management rather than outside users because
Is to determine whether the
management has the primary responsibility for
auditor is following specific
complying or following rules and regulations.
procedures, rules set by the
- Auditors who are employees in the company
higher authority
preform compliance audit.
Example Information Established Criteria Available Evidence
Determine whether bank Financial statement
Company Loan agreement
requirements for loan and calculations by
records provisions
continuation have been met the auditor
3. Financial Statement Audit
Definition - The auditor should collect evidence on the
possibility of material errors or misstatements.
- The auditor audit accounting transactions for errors
To determine whether the and misstatement as well as controls intended to
overall F.S are stated prevent them.
according with GAAP - The auditor should understand the entity its
industry, its regulatory environment, its business
strategy …etc.
Example Information Established Criteria Available Evidence
Boeing’s Generally accepted Document’s, records,
Annual audit of Boeing’s
financial Accounting and outside sources
financial statement
statement principles (GAAP) of evidence

Hebaalalawi
 ACC 231 AUDITING 7

Type of Auditors
1. Certified public accounting firms (CPA)
Definition
- CPA’s are primarily responsible for financial statement audits of all
publicly traced companies “companies listed in stock exchange”,
CPA works in private sector or in other large or small companies as well as non-profit organizations.
public sector - CPA’s must carry CPA certificate.
- CPA’s also called ‘External Auditors’, or ‘Independent Auditor’

2. Governmental accounting office auditor (GAO)

Definition
- GAO’s are employed by government to audit the governmental
agencies.
- Governmental financial information is defined by law, and auditor
Is an Auditor working for the US checks its compliance with law “compliance auditors”
government Accountability office
- GAO’s also evaluate the efficiency and effectiveness of the different
(GAO) to report to the congress
governmental agencies “operational audits”
- Most GAO’s take the CPA certificate.

3. Internal revenue Agents (IRS)

Definition
- They are employed by internal revenue service (IRS) to audit tax
returns submitted by tax payers to determine whether they
Responsible to audit the complied with tax laws “compliance auditors”
taxpayers’ returns to determine - Tax returns can range from those of individuals to multinational
whether they have complied with
organizations, including any tax laws such as individual income
the federal tax laws.
tax, real estate tax, corporate tax …etc.

4. Internal Auditors
Definition - Internal auditors are employed by companies to audit for
management.
- Internal auditors are primarily responsible for Operational audits
Are employed by companies to as well as compliance audits.
audit for management. - Internal auditors have employer-employee relationship that is why
they lack independence.
- They own CPA certificate or CIA certificate ‘certified internal auditors’

Three Requirements for Becoming a CPA:
1. Educational requirement (150 hours) semester Credits, graduate with a major in
accounting.
2. Uniform CPA examination requirement in:
- Auditing and attestation.
- Financial accounting and reporting.
- Regulation.
- Business environment, and concept.
3. Experience requirement “2 years”.

Hebaalalawi
ACC 231 AUDITING 8

For each of the following questions, indicate whether the statement is true
(T) or false (F), Re-write False statement only.

1. ( )The criteria by which an auditor evaluates the information under audit
may not vary regardless of the information being audited.

2. ( )The criteria used by an external auditor to evaluate published financial
statements are known as generally accepted auditing standards

3. ( )Information risks generally decrease as entities become smaller.


MCQ:

1. The process of recording, classifying, and summarizing economic events
in a logical manner for the purpose of providing financial information for
decision-making is:
A. Finance
B. Auditing.
C. Accounting.
D. Economics.


2. Which of the following can be significantly affected by an audit?
A. Business risk.
B. Information risk.
C. The risk-free interest rate.
D. All of these.




Answers:

1. (F) The criteria by which an auditor evaluates the information under audit
may vary according to the information being audited.

2. (F) The criteria used by an external auditor to evaluate published statement
are known as generally accepted accounting principles (GAAP).

3. (T)


MCQ:
1(C)
2(B)






Hebaalalawi
ACC 231 AUDITING 9



E1-16 (Objective 1-5) The list below indicates various audit, attestation, and assurance
engagements involving auditors.
1. A report on the effectiveness of internal control over financial reporting as
required by Section 404 of the Sarbanes–Oxley Act.
2. An auditor’s report on whether the financial statements are fairly presented in
accordance with International Financial Reporting Standards.
3. A report stating whether the company has complied with restrictive covenants
related to officer compensation and payment of dividends contained in a bank
loan agreement.
4. An electronic seal indicating that an electronic seller observes certain practices.
5. Evaluating the voting process and certifying the outcome for rolling stone
magazine’s “Greatest singer of all Times” poll.
6. A report indicating whether a governmental entity has complied with certain
government regulations.
7. A report on the examination of a financial forecast.
8. A review report that provides limited assurance about whether financial
statements are fairly stated in accordance with U.S. GAAP.
9. A report on management’s assertion on the company’s level of carbon emissions.
10. A report about management’s assertion on the effectiveness of controls over the
availability, reliability, integrity, and maintainability of its accounting
information system.
11. An evaluation of the effectiveness of key measures used to assess an entity’s
success in achieving specific targets linked to an entity’s strategic plan and
vision.


E1-21 (Objectives 1-6, 1-7) In the normal course of performing their responsibilities,
auditors often conduct audits or reviews of the following:
1. Federal income tax returns of an officer of the corporation to determine whether
he or she has included all taxable income in his or her return.
2. Financial statements for use by stockholders when there is an internal audit
staff.
3. A bond indenture agreement to make sure a company is following all
requirements of the contract.
4. Internal controls at a casino to ensure the casino is in compliance with federal
and state regulations.
5. Computer operations of a corporation to evaluate whether the computer center
is being operated as efficiently as possible.
6. Annual statements for the use of management.
7. Operations of the IRS to determine whether the internal revenue agents are
using their time efficiently in conducting audits.
8. Statements for bankers and other creditors when the client is too small to have
an audit staff.
9. Financial statements of a branch of the federal government to make sure that the
statements present fairly the actual disbursements made during a period of time.
10. Federal income tax returns of a corporation to determine whether the tax laws
have been followed.
11. The computer operations of a large corporation to evaluate whether the internal
controls are likely to prevent misstatements in accounting and operating data.
12. Disbursements of a branch of the federal government for a special research
project to determine whether the expenditures were consistent with the
legislative bill that authorized the project.



Hebaalalawi
ACC 231 AUDITING 10

Answers

E1-16:
1- Attestation service
2- Attestation service
3- Attestation service
4- Attestation service
5- Attestation service
6- Attestation service
7- Attestation service
8- Attestation service
9- Attestation service
10- Attestation service
11- Assurance service



E1-21:

Type of Audit Type of Auditor
1 Compliance Audit IRS
2 Financial Statement Audit CPA
3 Compliance Audit CPA
Internal Control
4 Compliance Audit Internal Auditor
GAO
5 Operational Audit Internal Auditor
6 Financial Statement Audit Internal Auditor
CPA
7 Operational Audit GAO
8 Financial Statement Audit CPA
9 Financial Statement Audit GAO
10 Compliance Audit IRS
11 Operational Audit Internal Auditor
Financial Statement Audit CPA
12 Compliance Audit GAO

Hebaalalawi